CareCloud Announces SSAE 16 SOC 1 Cloud Security ComplianceJune 22, 2017
CareCloud, the platform for high-performing medical groups, today announced that it has successfully completed its first Statement on Standards for Attestation Engagements (SSAE) No. 16 Service Organization Control (SOC) 1 report. This voluntary attestation allows medical groups and their auditors to quickly verify that CareCloud has the proper internal controls and processes needed to ensure the highest quality and security of services provided.
"Our clients depend on us to deliver a quality, secure information technology infrastructure to support their financial, administrative, and care delivery processes," said Ken Comée, CEO of CareCloud. "With this independent audit, we’re giving them the external validation they need for their financial statements while reinforcing the steps we take every day to protect the integrity and security of their data."
As an SSAE 16-compliant company, CareCloud has demonstrated its commitment to maintaining the highest standards in processes, controls, and procedures. SSAE 16 is an internationally recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA). A SOC 1 report is widely recognized because it represents that a service organization has been through an in-depth audit of its control activities.
Companies that complete an annual SOC 1 examination are able to demonstrate a substantially higher level of assurance and operational visibility than those companies that do not. The Service Auditors’ Report includes a detailed description of CareCloud’s controls and an independent assessment of whether the controls are suitably designed and operating.
CareCloud’s controls were created in line with industry information technology and security best practices. The systems and processes evaluated in this report included security monitoring, change management, problem management, backup controls, physical and environmental safeguards, and logical access. The report also validated CareCloud’s controls into its implementations and revenue cycle management processes.
The Service Auditors’ Report demonstrates that CareCloud’s control activities were effectively placed in operation as of March 15, 2017.